/*   **********************************************************************  **
 **   Copyright notice                                                       **
 **                                                                          **
 **   (c) 2009, Around(J2)ME				                                 **
 **   All rights reserved.                                                   **
 **                                                                          **
 **   This program and the accompanying materials are made available under   **
 **   the terms of the New BSD License which accompanies this    			 **
 **   distribution.											                 **
 **   A copy is found in the textfile LICENSE.txt							 **
 **                                                                          **
 **   This copyright notice MUST APPEAR in all copies of the file!           **
 **                                                                          **
 **   Main developers:                                                       **
 **     Juri Strumpflohner		http://blog.js-development.com	             **
 **		Matthias Braunhofer		http://matthias.jimdo.com                    **
 **                                                                          **
 **  **********************************************************************  */

package org.aroundme.model;

import org.aroundme.persistency.UserManager;
import org.bouncycastle.util.encoders.Hex;
/**
 * This class is responsible for doing anything related to security,
 * such as authentication
 * 
 */
public class ApplicationSecurityManager {
	private UserManager userMan = null;
	private Encrypter encrypter = null;

	public ApplicationSecurityManager() {
	}
	
	/**
	 * Validates if a user has the rights to access the data
	 * @param username login-name of the user
	 * @param password password of the user (in encrypted form)
	 * @return true if everything was fine, false otherwise
	 */
	public boolean checkLogin(String username, String password){
		//retrieve user object from DB
		User user = userMan.getUserByLoginName(username);
		if(user == null)
			return false;
		else{
			String decryptedPassw = encrypter.performDecrypt(Hex.decode(password));
			return user.getPassword().equals(decryptedPassw);
		}
		
	}

	/*
	 * Getters and Setters
	 */
	
	public UserManager getUserMan() {
		return userMan;
	}

	public void setUserMan(UserManager userMan) {
		this.userMan = userMan;
	}

	public Encrypter getEncrypter() {
		return encrypter;
	}

	public void setEncrypter(Encrypter encrypter) {
		this.encrypter = encrypter;
	}


}
